[Pacemaker] None of the standard agents in ocf:heartbeat are working in centos 6
Andrew Beekhof
andrew at beekhof.net
Sun Jul 29 19:39:03 EDT 2012
On Tue, Jul 24, 2012 at 2:25 PM, Vladislav Bogdanov
<bubble at hoster-ok.com> wrote:
> 24.07.2012 04:50, Andrew Beekhof wrote:
>> On Tue, Jul 24, 2012 at 5:38 AM, David Barchas <dave at barchas.com> wrote:
>>>
>>> On Monday, July 23, 2012 at 7:48 AM, David Barchas wrote:
>>>
>>>
>>> Date: Mon, 23 Jul 2012 14:15:27 +0300
>>> From: Vladislav Bogdanov
>>>
>>> 23.07.2012 08:06, David Barchas wrote:
>>>
>>> Hello.
>>>
>>> I have been working on this for 3 days now, and must be so stressed out
>>> that I am being blinded to what is probably an obvious cause of this. In
>>> a word, HELP.
>>>
>>>
>>> setenforce 0 ?
>>>
>>> i am familiar with it but have never had to disable it. I would be surprised
>>> for packages in standard repos.
>>
>> No-one has written an selinux policy for pacemaker yet.
>> I would imagine that will come in the next month or so.
>>
>
> Highly appreciated. However lrmd part may be not as easy to implement
> properly as it seems at the first glance.
>
You basically have to let the lrmd run unconfined.
I don't think there is any sensible way to constraint something that,
by design, needs to be able to perform arbitrary actions as root.
To do otherwise you would need to enumerate every possible service +
agent that anyone would ever want to write.
More information about the Pacemaker
mailing list